10Fold – Security Never Sleeps – 84

Big items to consider: Microsoft plans to retire support for TLS certificates signed using the SHA1 hashing algorithm in the next four months, an acceleration brought on by new research showing SHA1 is even more prone to cryptographic collisions than previously thought. Tens of millions of stolen credentials for Gmail, Microsoft and Yahoo email accounts are being shared online by a young Russian hacker known as “the Collector” as part of a supposed larger trove of 1.17 billion records. An analysis of proof-of-concept (PoC) exploits shared online over the last year has shown that social media is the main distribution channel for PoCs, according to threat intelligence firm Recorded Future. All blogs hosted on Google’s blogspot.com domain can now be accessed over an encrypted HTTPS connection.

The software maker hinted at the expedited deprecation in November. Last week, it made those plans official. Sometime this summer (for those in the Northern Hemisphere, anyway) the general release versions of Microsoft’s Edge and Internet Explorer browsers will stop displaying the address bar lock when visiting HTTPS sites protected by SHA1 certificates. The change will occur even sooner for upcoming Windows Insider Preview builds, which are mostly used by developers for testing purposes.

That’s according to Hold Security, which says it has looked at more than 272 million unique credentials so far, including 42.5 million it had never seen before. A majority of the accounts reportedly were stolen from users of Mail.ru, Russia’s most popular email service, but credentials for other services apparently were also included. Hold discovered the breach when its researchers came across the hacker bragging in an online forum. Though the hacker initially asked Hold for 50 rubles for the initial 10GB stash — that’s equivalent to about 75 cents — he eventually turned it over to them in exchange for likes and votes for him on social media.

A search on Recorded Future’s threat intelligence platform uncovered roughly 12,000 PoC exploit references shared on the Web since March 22, 2015. The company says this represents a near 200 percent increase compared to the previous year. A large majority of the PoCs identified by researchers were disseminated via social media networks — primarily Twitter. In 97 percent of cases, social media has been used to share links to code repositories, paste sites, other social media networks, and deep Web forums hosting the actual PoC code. In some cases, PoC exploit references were found on code repositories, mainstream sites, blogs, forums, malware and vulnerability reporting websites, and paste sites.

Instead of the “HTTPS Availability” option, blog owners can now use a setting called “HTTPS Redirect,” which will redirect all visitors to the HTTPS version of their blogs automatically. If the setting is not used, users will still be able to access the non-encrypted HTTP version. Forcing HTTPS by default would have been better, but would have likely triggered mixed content alerts in users’ browsers for some blogs. These errors happen when a website served over HTTPS loads resources, such as images and code, from external servers that don’t use HTTPS.
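A blog owner can check a template for mixed content before turning on “HTTPS Redirect”. The sketch below is an added example, not code from Google or from this newsletter; the page URL, the host names and the sample HTML are constructed, and the active/passive split reflects how browsers typically treat each tag.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# tag -> (URL attribute, class). Browsers typically block "active" loads and
# only warn (drop the lock icon) on "passive" ones.
LOADS = {
    "script": ("src", "active"), "iframe": ("src", "active"),
    "link": ("href", "active"), "object": ("data", "active"),
    "embed": ("src", "active"), "img": ("src", "passive"),
    "audio": ("src", "passive"), "video": ("src", "passive"),
    "source": ("src", "passive"),
}

class MixedContentFinder(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (class, tag, resolved URL)

    def handle_starttag(self, tag, attrs):
        if tag not in LOADS:
            return  # <a href> and similar are navigation, not subresources
        a = {k: (v or "") for k, v in attrs}
        # Only stylesheet links fetch a subresource; rel=canonical does not.
        if tag == "link" and "stylesheet" not in a.get("rel", "").lower().split():
            return
        attr, kind = LOADS[tag]
        if not a.get(attr):
            return
        # Resolve relative and protocol-relative URLs against the HTTPS page.
        resolved = urljoin(self.page_url, a[attr])
        if urlparse(resolved).scheme == "http":
            self.findings.append((kind, tag, resolved))

def find_mixed_content(html, page_url):
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.findings

# Constructed sample template; all hosts are placeholders.
SAMPLE = """<html><head>
<link rel="stylesheet" href="http://cdn.example.net/theme.css">
<link rel="canonical" href="http://myblog.example/post">
<script src="//widgets.example.org/share.js"></script>
<script src="http://stats.example.com/counter.js"></script>
</head><body><a href="http://other.example/">a link</a>
<img src="/images/header.png"><img src="http://photos.example.com/cat.jpg" />
</body></html>"""

if __name__ == "__main__":
    for kind, tag, url in find_mixed_content(SAMPLE, "https://myblog.example/post"):
        print(f"{kind:7} <{tag}> {url}")
```

Relative and protocol-relative references inherit the page's scheme, so only the hard-coded `http://` subresources are reported.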
